Those breaches were luckily on the backend and not the frontend; their security model depends on the web service never sending malicious JS for the client side decryption.
1 Like
I use PasswordSafe, just to muddy the water a little.
I use LastPass. Have used it for years. There’s no better one and all for 1.99 a month. It is synced to 2 computers, 2 iPhones, and an iPad. Additionally I can sign into it from any place in the world as long as I know the master password and have internet access. All devices are synced so new or changed passwords are available instantly.
I’ve used 1Password. It is cross platform (MAC, PC, Linux) as well as apps for iPhone & Android. You can store the vault locally, the web or dropbox. for me the value is multiple vaults, in my case one for business, one for personal and one for financial.
If I’m interested in reading about high-level security topics, where would I start?
e.g. you mention encryption at all those different points, that’s all over my head. I’m going to guess that some website reviews and discusses these things.
this is a good source - https://www.ethicalhacker.net/. If you want to learn about cyber security, check this https://www.cybrary.it/.
If you are in linkedIn you can join some forums like CSFI.
Here is what I did. This gets your Password Manager across the devices.
- Install Keepass2Android on your android phone
- Open the app and before signup change the directory of the file to your google drive.
- Create Master Key
- Go to your Google Drive
- Download Backup and Sync(PC/Mac)
- Open the Drive folder on your PC/Mac
- Make sure your keepass db file is available
- Download and Install keepass from keepass.info on your pc/mac
- Open keepass on your pc/mac
- choose the option of using an existing keepass db
- prompts to select the file (should be in pc-user/google drive)
- Select the .kdbx file in the drive folder
- Enter the Master Key that you created with the android app.
- Voila!!!
2 Likes